Password question - removing SSO

Hello all,

We're looking to do away with SSO, as we've been having a lot of password sync issues. We would like to change our policy to remove SSO, and at the same time, we would like to force all users to change their password, so that they are using an EEPC password that is different from Windows. Is there a way to do this in the UBP policy? I couldn't find a setting that would do require a password change upon getting the new "non-SSO" policy.